Show filters
120 Total Results
Displaying 41-50 of 120
Sort by:
Attacker Value
Unknown
CVE-2002-1308
Disclosure Date: November 29, 2002 (last updated February 22, 2025)
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
0
Attacker Value
Unknown
CVE-2002-1204
Disclosure Date: November 29, 2002 (last updated February 22, 2025)
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
0
Attacker Value
Unknown
CVE-2002-1042
Disclosure Date: October 04, 2002 (last updated February 22, 2025)
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
0
Attacker Value
Unknown
CVE-2002-1091
Disclosure Date: October 04, 2002 (last updated February 22, 2025)
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
0
Attacker Value
Unknown
CVE-2002-0815
Disclosure Date: August 12, 2002 (last updated February 22, 2025)
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
0
Attacker Value
Unknown
CVE-2002-0354
Disclosure Date: June 25, 2002 (last updated February 22, 2025)
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
0
Attacker Value
Unknown
CVE-2002-0593
Disclosure Date: June 18, 2002 (last updated February 22, 2025)
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
0
Attacker Value
Unknown
CVE-2002-0594
Disclosure Date: June 18, 2002 (last updated February 22, 2025)
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
0
Attacker Value
Unknown
CVE-2001-0921
Disclosure Date: November 21, 2001 (last updated February 22, 2025)
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
0
Attacker Value
Unknown
CVE-2001-0745
Disclosure Date: October 18, 2001 (last updated February 22, 2025)
Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property.
0